
A 



United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.uspto.gov 



APPLICATION NO 


FILING DATE 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. 


CONFIRMATION NO. 


09/637,123 


08/1 1/2000 


Ramanathan Ramanathan 


042390.P9016 


7337 



7590 

Blakely Sokoloff 
Taylor & Zafrnan LLP 
7th Floor 

12400 Wilshire Boulevard 
Los Angeles, CA 90025 



12/21/2004 



EXAMINER 



SHERKAT, AREZOO 



ART UNIT 



PAPER NUMBER 



2131 

DATE MAILED: 12/21/2004 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



\JlllKrx2 nOl/U/f OCiffffffcff Jr 


Application No. 

09/637,123 


Applicant(s) 

RAMANATHAN, RAMANATHAN 


Examiner 

Arezoo Sherkat 


Art Unit 

2131 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S. C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )[3 Responsive to communication(s) filed on 12 July 2004 . 
2a)S This action is FINAL. 2b)D This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1-24 and 30-34 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) M Claim(s) 7-24 and 30-34 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 11 August 2000 is/are: a)[X] accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

1 2)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)D Some * c)Q None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



\ 



Attachment(s) 

1) CH Notice of References Cited (PTO-892) 

2) CH Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) (ZJ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date . 



4) O interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) □ Notice of Informal Patent Application (PTO-1 52) 

6) □ Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 10 



Application/Control Number: 09/637,123 Page 2 

Art Unit: 2131 

Response to Arguments 

Applicant's arguments filed 7/09/2004 have been fully considered but they are 
not persuasive. 

The applicant argues that "By contrast, the present application pertains to 
methods and systems for monitoring encrypted communications in a network. For 
instance, claim 1 recites a method involving a "policy administrator" that establishes a 
"network monitoring digital contract" with a "network monitoring element." As explained 
on pages 7-9 of the Detailed Description, a network monitoring digital contract 
memorializes an agreement between the policy administrator and the network 
monitoring element to authorize the network monitoring element to monitor 
communications between network elements. In addition, claim 1 recites that the policy 
administrator provides the network monitoring element with decrypting information, 
based on (a) the network monitoring digital contract between the policy administrator 
and the network monitoring element and (b) a "network use digital contract" between 
the policy administrator and first and second "network elements." The decrypting 
information that the policy administrator sends to the network monitoring element allows 
the network monitoring element to "decrypt encrypted communications between the first 
network element and the second network." Claim 14 involves software for implementing 
features such as those recited in claim 1." 

As the applicant acknowledges, the combination of McArdle and Susakie create 
a data processing system that a) serves as an escrow agent for archiving digital 
contracts from service receiving units, while also b) serving as an email monitor, to 
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intercept email messages and enforce security restrictions, it will still read on the 
claimed limitations. The examiner explains that McArdle discloses policy management 
agent 381 controls all the communications between the messaging client 325 and the 
messaging gateway 391. Policy management agent traps the outbound message and 
processes it according to crypto-policy rules which has been established for the system 
(Col. 11, lines 54-67 and Col. 12, lines 1-35). Susakie discloses transmitting decrypting 
information to the network monitoring element (i.e., certificate authority 170) for 
decrypting encrypted communications between the first network element and the 
second network element (i.e., service supplying unit 130 and service receiving unit 140) 
per terms in the network monitoring digital contract and the network use digital contract 
(Col. 9, lines 60-67 and Col. 10, lines 1-65). While the claims are read and examined in 
the light of specification, the examiner declines to read the specification into the 
limitations of the claimed subject matter. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented 
and the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 



Claims 1-3, 12-16, 23-24, and 30-32 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over McArdle et al., (U.S. Patent No. 6,442,686 and McArdle 
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hereinafter) in view of Susakie et al., (U.S. Patent No. 6,253,322 and Susakie 
hereinafter). 

Regarding claims 1 and 30-32, McArdle discloses a method comprising a policy 
administrator (i.e., server side 380): 

establishing a network monitoring digital contract (i.e., email message) with a 
network monitoring element (i.e., policy management agent 381 and analysis engine 
385), establishing a network use digital contract (i.e., email message) with a first and a 
second network element (i.e., communicating to the sender and the receiver of the 
email message)(Col. 10, lines 22-67 and Col. 11, lines 30-67 and Col. 12, lines 1-67). 

McArdle does not expressly disclose transmitting decrypting information to the 
network monitoring element for decrypting encrypted communications. 

However, Susaki discloses 

transmitting decrypting information to the network monitoring element (i.e., 
certificate authority 170) for decrypting encrypted communications between the first 
network element and the second network element (i.e., service supplying unit 130 and 
service receiving unit 140) per terms in the network monitoring digital contract and the 
network use digital contract (Col. 9, lines 60-67 and Col. 10, lines 1-65). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings of 
Susakie to include transmission of encryption key as part of the digital contract with the 
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motivation to provide for reliable electronic commerce using cryptographic technology 
(Susakie, Col. 1, lines 6-10). 

Regarding claim 2, McArdle discloses encrypted communication between a 
sender, a receiver, and a policy management agent (Col. 10, lines 22-67 and Col. 11, 
lines 30-67 and Col. 12, lines 1-67). 

McArdle does not expressly disclose transmitting decrypting information to the 
network monitoring element. 

However, However, Susaki discloses 

communicating the common key between service supplying unit and the 
certificate authority (Col. 9, lines 60-67 and Col. 10, lines 1-65). 

transmitting decrypting information to the network monitoring element (i.e., 
certificate authority 170) for decrypting encrypted communications between the first 
network element and the second network element (i.e., service supplying unit 130 and 
service receiving unit 140) per terms in the network monitoring digital contract and the 
network use digital contract comprises the policy administrator (Col. 4, lines 33-67 and 
Col. 5, lines 1-67, Col. 6, lines 1-57); 

receiving a request from the network monitoring element for the decrypting 
information, transmitting a request to the network monitoring element for the network 
monitoring digital contract, receiving the network monitoring digital contract from the 
network monitoring element (Col. 9, lines 60-67 and Col. 10, lines 1-67 and Col. 1 1 , 
lines 1-7); 
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authenticating the received network monitoring digital contract (Col. 4, lines 33- 
67 and Col. 5, lines 1-67, Col. 6, lines 1-57); and 

transmitting decrypting keys to decrypt the encrypted communications between 
the first network element (i.e., service supplying unit 130) and the second network 
element (i.e., service receiving unit 140) to the network monitoring element (Col. 6, lines 
29-57); 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Susakie to include communicating of decrypting information and authenticating the 
communicated information with the motivation to provide for reliable electronic 
commerce using cryptographic technologies (Susakie, Col. 1, lines 5-10). 

Regarding claim 3, McArdle does not expressly disclose transmitting decrypting 
information to the network monitoring element. 

However, Susakie discloses wherein transmitting decrypting information to the 
network monitoring element (i.e., certificate authority 170) for decrypting encrypted 
communications between the first network element (i.e., service supplying unit 130) and 
the second network element (i.e., service receiving unit 140) per terms in the network 
monitoring digital contract (Col. 4, lines 33-67 and Col. 5, lines 1-67, Col. 6, lines 1-57); 
and 

Moreover, McArdle discloses the network use digital contract comprises the 
policy administrator decrypting the encrypted communications between the network 
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elements and transmitting the decrypted communications to the network monitoring 
element (i.e., policy management agent 381 controls all the communications between 
the messaging client 325 and the messaging gateway 391. Policy management agent 
traps the outbound message and processes it according to crypto-policy rules which 
has been established for the system)(Col. 11, lines 54-67 and Col. 12, lines 1-35). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Susakie to include communicating of decrypting information and authenticating the 
communicated information with the motivation to provide for reliable electronic 
commerce using cryptographic technologies (Susakie, Col. 1 , lines 5-10). 

Regarding claim 12, McArdle discloses a method, comprising: 
establishing by a first network element (i.e., sender/email client, 325), a network 
use digital contract with a policy administrator (i.e., policy management agent, 381), 
communicating with a second network element per the terms of the network use digital 
contract (i.e., if the email message conforms to the rules, it then may be passed on to 
the messaging gateway, for transport to the intended recipient)(Col. 1 1 , lines 30-67 and 
Col. 12, lines 1-35); and 

logging in a secure manner, encryption and authenticating algorithms, and 
decryption keys used in the communication, and permitting the policy administrator 
access to the log to obtain the decrypting keys (Col. 12, lines 35-67 and Col. 13, lines 1- 
17). 
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Regarding claim 13, McArdle does not expressly disclose digital certificates. 
However, Susaki discloses wherein establishing by a first network element (i.e., 
service supplying unit), a network use digital contract with a policy administrator (i.e., 
service receiving unit) comprises a network element: 

transmitting its digital certificate, transmitting its digital signature, and receiving a 
copy of the network use digital contract from the policy administrator (i.e., the service 
receiver 110, receives and deciphers contract information 160 using the service 
receiving unit 140 in step 905a)(Col. 11, lines 50-67 and Col. 12, lines 1-60). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Susaki to include transmitting and receiving digital certificates between network 
monitoring element and the policy administrator with the motivation to achieve 
implementing certification and authentication services (Susaki, Col. 2, lines 44-67). 

Regarding claim 14, McArdle discloses an article of manufacture comprising: a 
machine-readable medium (i.e., client side and server side storage) that provides 
instructions (i.e., Microsoft Outlook email client), that when executed by a machine, 
cause said machine to perform operations. comprising: 

establishing a network monitoring digital contract with a network monitoring 
element (i.e., sending email from sender's machine to the policy management agent), 
establishing a network use digital contract with a first and a second network element 
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i.e., communicating with sender and/receiver)(Col. 11, lines 30-67 and Col. 12, lines 1- 
67). 

McArdle does not expressly disclose transmitting decrypting information to the 
network monitoring element to decrypt encrypted communication between first and 
second network elements. 

However, Susakie discloses: 

transmitting decrypting information to the network monitoring element for 
decrypting encrypted communications between the first network element (i.e., service 
supplying unit 130) and the second network element (i.e., service receiving unit 140) per 
terms in the network monitoring digital contract and the network use digital contract 
(Col. 10, lines 35-67 and Col. 11, lines 1-25). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Susakie to include communicating decrypting information for decrypting encrypted 
communications with the motivation to provide for reliable electronic commerce using 
cryptographic technologies (Susakie, Col. 1, lines 5-10). 

Regarding claim 15, McArdle does not expressly disclose transmitting decrypting 
information to the network monitoring element to decrypt encrypted communication 
between first and second network elements. 

However, Susakie discloses wherein said instructions for transmitting decrypting 
information to the network monitoring element for decrypting encrypted communications 
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between the first network element and the second network element per terms in the 
network monitoring digital contract and the network use digital contract, include further 
instructions to direct the policy administrator 

to receive a request from the network monitoring element for the decrypting 
information, to receive the network monitoring digital contract from the network 
monitoring element (Col. 9, lines 60-67 and Col. 10, lines 1-67 and Col. 11, lines 1-7); 

to authenticate the network monitoring digital contract (Col. 4, lines 33-67 and 
Col. 5, lines 1-67, Col. 6, lines 1-57); and 

to transmit decrypting information, including decrypting keys needed to decrypt 
the encrypted communications between the network elements (i.e., service supplying 
unit 130) and the second network element (i.e., service receiving unit 140) to the 
network monitoring element (Col. 6, lines 29-57); 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Susakie to include communicating of decrypting information and authenticating the 
• communicated information with the motivation to provide for reliable electronic 
commerce using cryptographic technologies (Susakie, Col. 1 , lines 5-10). 

Regarding claim 16, McArdle does not expressly disclose wherein said 
instructions for transmitting decrypting information to the network monitoring element for 
decrypting encrypted communications between the first network element and the 
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second network element per terms in the network monitoring digital contract and the 
network use digital contract include further instructions. 

However, Susakie wherein said instructions for transmitting decrypting 
information to the network monitoring element for decrypting encrypted communications 
between the first network element and the second network element per terms in the 
network monitoring digital contract and the network use digital contract (Col. 10, lines 
35-67 and Col. 1 1 , lines 1-25) include further instructions: 

to decrypt the encrypted communications between the network elements (Col 10, 
lines 25-67 and Col. 11, lines 1-7); and 

to transmit the decrypted communications to the network monitoring element 
(Col. 6, lines 29-57). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Susakie to include communicating decrypting information for decrypting encrypted 
communications with the motivation to provide for reliable electronic commerce using 
cryptographic technologies (Susakie, Col. 1, lines 5-10). 

• o 

Regarding claim 23, McArdle discloses an article of manufacture comprising: a 
machine-readable medium that provides instructions, that when executed by a machine, 
cause said machine to perform operations comprising: 

establishing by a first network element (i.e., sender/email client, 325), a network 
use digital contract with a policy administrator (i.e., policy management agent, 381), 
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communicating with a second network element per the terms of the network use digital 
contract (i.e., if the email message conforms to the rules, it then may be passed on to 
the messaging gateway, for transport to the intended recipient)(Col. 1 1 , lines 30-67 and 
Col. 12, lines 1-35); 

logging in a secure manner, encryption and authenticating algorithms, and 
decryption keys used in the communication, and permitting the policy administrator 
access to the log to obtain the decrypting keys (Col. 12, lines 35-67 and Col. 13, lines 1- 
17); and 

permitting the policy administrator access to the log to obtain the decrypting keys 
(Col. 6, lines 20-67 and Col. 7, lines 1-67 and Col. 8, lines 1-57). 

Regarding claim 24, McArdle does not expressly disclose communication of a 
digital contract. 

However, Susaki discloses wherein establishing by a first network element (i.e., 
service supplying unit), a network use digital contract with a policy administrator (i.e., 
service receiver) comprises a network element: 

transmitting its digital certificate, transmitting its digital signature, and receiving a 
copy of the network use digital contract from the policy administrator (i.e., the service 
receiver 110, receives and deciphers contract information 160 using the service 
receiving unit 140 in step 905a)(Col. 1 1 , lines 50-67 and Col. 12, lines 1-60). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
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of Susaki to include transmitting and receiving digital certificates between network 
monitoring element and the policy administrator with the motivation to achieve 
implementing certification and authentication services (Susaki, Col. 2, lines 44-67). 

Claims 4-11, 17-19, and 33-34 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over McArdle et al., (U.S. Patent No. 6,442,686 and McArdle hereinafter) 
and Susakie et al., (U.S. Patent No. 6,253,322 and Susakie hereinafter), in view of 
Andrews et al., (U.S. Patent No. 6,324,645 and Andrews hereinafter). 

The teachings of McArdle and Susakie have been discussed previously. 

Regarding claim 4, McArdle or Susakie does not expressly disclose the use of 
digital certificate and digital signature for authentication. 

However, Andrews disclose wherein establishing a network monitoring digital 
contract with a network monitoring element (i.e., a user) comprises: 

receiving a network monitoring element's digital certificate, authenticating the 
network monitoring element's digital certificate (Col. 9, lines 22-67 and Col. 10, lines 1- 
53); 

receiving a network monitoring element's digital signature, authenticating the 
network monitoring element's digital signature (Col. 4, lines 50-67 and Col. 5, lines 1- 
11); 

writing contract terms in an electronic document (i.e., the digital certificate 200 
uses the X.509 format and includes a serial number 202, the CA's distinguished name 
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204, the user 102's distinguished name 206, a period of validity 208, the user 102's 
public key 210, possibly digital certificate extensions 212, and the CA's digital signature 
214)(Col. 7, lines 37-67 Col. 8, lines 1-67 and Col. 9, lines 1-59 and Col. 10, lines 19- 
52 and Col. 11, lines 34-50). 

Furthermore, Susakie discloses: 

writing the network element's digital certificate and the network element's digital 
signature in the electronic document (Col. 12, lines 45-67 and Col. 13, lines 1-10); 

writing a digital certificate of the policy administrator and a digital signature of the 
policy administrator in the electronic document; and transmitting a copy of the 
electronic document to the network element (Col. 13, lines 10-61). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Susakie with 
the teachings of Andrews to include computer-implemented techniques based on digital 
certificates with the motivation to efficiently allow multiple users to share a public key 
management infrastructure, while simultaneously managing the risk associated with 
such sharing (Andrews, Col. 3, lines 12-20). 

Regarding claim 5, McArdle or Susakie does not expressly disclose writing of the 
contract terms in an electronic document. 

However, Andrews discloses wherein writing contract terms in an electronic 
document comprises: 
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writing an effective date and time of the network monitoring digital contract, 
writing a time period during which the network monitoring digital contract is valid (i.e., 
period of validity, Fig. 2, element 208)(Col. 6, lines 18-35 and Col. 9, lines 22-59). 

specifying the decrypting information (i.e., user public key, 210), including 
decrypting keys the network monitoring element is to receive (Col. 9, lines 22-59). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Susakie with 
the teachings of Andrews to include digital certificates including date and time validity 
information as well as decrypting information with the motivation to provide for a better 
security (Andrews, Col. 6, lines 25-35). 

Regarding claim 6, McArdle or Susakie does not expressly disclose digital 
certificates and signatures. 

However, Andrews discloses wherein establishing a network use digital contract 
with each network element comprises: 

receiving a network monitoring element's digital certificate, authenticating the 
network monitoring element's digital certificate (Col. 9, lines 22-67 and Col. 10, lines 1- 
53); 

receiving a network monitoring element's digital signature, authenticating the 
network monitoring element's digital signature (Col. 4, lines 50-67 and Col. 5, lines 1- 
11); 
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writing contract terms in an electronic document (i.e., the digital certificate 200 
uses the X.509 format and includes a serial number 202, the CA's distinguished name 
204, the user 102's distinguished name 206, a period of validity 208, the user 102's 
public key 210, possibly digital certificate extensions 212, and the CA's digital signature 
214)(Col. 7, lines 37-67 Col. 8, lines 1-67 and Col. 9, lines 1-59 and Col. 10, lines 19- 
52 and Col. 11, lines 34-50). 

Furthermore, Susakie discloses: 

writing the network element's digital certificate and the network element's digital 
signature in the electronic document (Col. 12, lines 45-67 and Col. 13, lines 1-10); 

writing a digital certificate of the policy administrator and a digital signature of the 
policy administrator in the electronic document; and transmitting a copy of the 
electronic document to the network element (Col. 13, lines 10-61). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Susakie with 
the teachings of Andrews to include computer-implemented techniques based on 
digital certificates with the motivation to efficiently allow multiple users to share a public 
key management infrastructure, while simultaneously managing the risk associated 
with such sharing (Andrews, Col. 3, lines 12-20). 

Regarding claim 7, McArdle or Susakie does not expressly disclose writing of the 
contract terms in an electronic document. 
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However, Andrews discloses wherein writing contract terms in an electronic 
document comprises: 

writing an effective date and time of the network use digital contract (i.e., period 
of validity, Fig. 2, element 208)(Col. 6, lines 18-35 and Col. 9, lines 22-59); and 

specifying the decrypting information (i.e., user public key, 210), including 
decrypting keys the policy administrator obtains from the network element (Col. 9, lines 
22-59). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Susakie with 
the teachings of Andrews to include digital certificates including date and time validity 
information as well as decrypting information with the motivation to provide for a better 
security (Andrews, Col. 6, lines 25-35). 

Regarding claim 8, McArdle discloses that the PGP runtime engine builds a 
status list for the message (Col. 12, lines 35-67 and Col. 13, lines 1-18). 

McArdle or Susakie does not expressly disclose transmitting the network policy 
to network elements. 

However, Andrews discloses further comprising: 

establishing a network policy (Col. 1, lines 65-67 and Col. 2, lines 1-67). 

transmitting the network policy (i.e., digital certificate) to network elements (i.e., 
users of the network)(Col. 6, lines 18-25). 
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Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Susakie with 
the teachings of Andrews to include computer-implemented techniques (i.e., network 
policies) based on digital certificates with the motivation to efficiently allow multiple 
users to share a public key management infrastructure, while simultaneously managing 
the risk associated with such sharing (Andrews, Col. 3, lines 12-20). 

Regarding claims 9, and 33-34, McArdle or Susakie does not expressly disclose 

a network monitoring element establishing a network monitoring digital contract with a 

policy administrator. 

However, Andrews discloses comprising a network monitoring element: 
establishing a network monitoring digital contract (i.e., digital certificate) with a 

policy administrator (i.e., certification authority, CA)(Col. 10, lines 19-67 and Col. 12, 

lines 24-67); 

transmitting a request to monitor encrypted communications between network 
elements, transmitting the network monitoring digital contract (i.e., authenticating the 
user to access and use the appropriate public key to decrypt the encrypted message by 
issuing and transmitting a digital certificate)(Col. 4, lines 35-67); and 

receiving decrypting information (i.e., digital certificate including public key, 210), 
including decrypting keys from the policy administrator (i.e., certification authority) for 
decrypting encrypted communications between a first network element and a second 
network element per the terms in the network monitoring digital contract (i.e., digital 
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certificate contains information a user's privileges such as encrypting decrypted 

messages)(Col. 9, lines 22-58). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Susakie with 
the teachings of Andrews to include computer-implemented techniques (i.e., network 
policies) based on digital certificates and the capability to monitor encrypted 
communications with the motivation to efficiently allow multiple users to share a public 
key management infrastructure, while simultaneously managing the risk associated 
with such sharing (Andrews, Col. 3, lines 12-20). 

Regarding claim 10, McArdle does not expressly disclose wherein receiving 
decrypting information from the policy administrator for decrypting encrypted 
communications. 

However, Susakie discloses wherein receiving decrypting information from the 
policy administrator for decrypting encrypted communications between a first network 
element (i.e., service supplying unit 130) and a second network element (i.e., service 
receiving unit 140) per the terms in the network monitoring digital contract comprises 
receiving from the policy administrator decrypted communications after the policy 
administrator (i.e., certificate authority 170) decrypts the encrypted communications 
between the network elements (Col. 4, lines 33-67 and Col. 5, lines 1-67, Col. 6, lines 1- 
57); and 
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Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Susakie to include communicating decrypting information for decrypting encrypted 
communications with the motivation to provide for reliable electronic commerce using 
cryptographic technologies (Susakie, Col. 1 , lines 5-10). 

Regarding claim 1 1 , McArdle does not expressly disclose communication of 
digital certificate between network monitoring element and the policy administrator. 

However, Susaki discloses wherein establishing a network monitoring digital 
contract with a policy administrator (i.e., service receiver unit) comprises a network 
monitoring element (i.e., certificate authority 170): 

transmitting its digital certificate to the policy administrator (i.e., service receiving 
unit), transmitting its digital signature to the policy administrator (i.e., service receiving 
unit)(Col. 5, lines 55-67); and 

receiving a copy of the network monitoring digital contract (i.e., digital certificate) 
from the policy administrator (i.e., certificate authority 170)(Col. 12, lines 24-67 and Col. 
13, lines 1-20). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Susaki to include transmitting and receiving digital certificates between network 
monitoring element and the policy administrator with the motivation to achieve 
implementing certification and authentication services (Susaki, Col. 2, lines 44-67). 
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Regarding claims 17 and 18, McArdle does not expressly disclose the 
communication of digital certificates and digital signatures. 

However, Andrews discloses wherein said instructions establishing a network 
monitoring digital contract between a policy administrator (i.e., certificate authority) and 
a network monitoring element (i.e., user) include further instructions 

to receive a network monitoring element's digital certificate and digital signature, 
and to authenticate the network monitoring element's digital certificate and digital 
signature (Col. 4, lines 50-67 and Col. 5, lines 1-11 and Col. 9, lines 22-67 and Col. 10, 
lines 1-53); 

to specify a time period during which the network monitoring digital contract is 
valid (i.e., period of validity, Fig. 2, element 208)(Col. 6, lines 18-35 and Col. 9, lines 22- 
59); 

to write the contract terms, including an effective date and time of the network 
monitoring digital contract (i.e., the digital certificate 200 uses the X.509 format and 
includes a serial number 202, the CA's distinguished name 204, the user 102's 
distinguished name 206, a period of validity 208, the user 102's public key 210, possibly 
digital certificate extensions 212, and the CA's digital signature 214), and to specify the 
decrypting information, including decrypting keys the network monitoring element is to 
obtain in an electronic document (Col. 9, lines 22-59); 

Furthermore, Susakie discloses: 
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to write the network element's digital certificate and the network element's digital 
signature in the electronic document (Col. 12, lines 45-67 and Col. 13, lines 1-10); 

to write a digital certificate of the policy administrator and a digital signature of 
the policy administrator in the electronic document, and to transmit a copy of the 
electronic document to the network element (Col. 13, lines 10-61). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Susakie with 
the teachings of Andrews to include computer-implemented techniques based on digital 
certificates with the motivation to efficiently allow multiple users to share a public key 
management infrastructure, while simultaneously managing the risk associated with 
such sharing (Andrews, Col. 3, lines 12-20). 

Regarding claim 19, McArdle discloses that the PGP runtime engine builds a 
status list for the message (Col. 12, lines 35-67 and Col. 13, lines 1-18). 

McArdle or Susakie does not expressly disclose transmitting the network policy 
to network elements. 

However, Andrews discloses further comprising: 

to establish a network policy (Col. 1 , lines 65-67 and Col. 2, lines 1-67). 

to transmit the network policy (i.e., digital certificate) to network elements (i.e., 
users of the network)(Col. 6, lines 18-25). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Susakie with 
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the teachings of Andrews to include computer-implemented techniques (i.e., network 
policies) based on digital certificates with the motivation to efficiently allow multiple 
users to share a public key management infrastructure, while simultaneously managing 
the risk associated with such sharing (Andrews, Col. 3, lines 12-20). 

Claims 20-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
McArdle et al., (U.S. Patent No. 6,442,686 and McArdle hereinafter), in view of Andrews 
et al., (U.S. Patent No. 6,324,645 and Andrews hereinafter). 

Regarding claim 20, McArdle does not expressly disclose a network monitoring 
element establishing a network monitoring digital contract with a policy administrator. 

However, Andrews discloses an article of manufacture comprising: a machine- 
readable medium that provides instructions, that when executed by a machine, cause 
said machine to perform operations comprising: 

establishing a network monitoring digital contract (i.e., digital certificate) with a 
policy administrator (i.e., certification authority, CA)(Col. 10, lines 19-67 and Col. 12, 
lines 24-67); 

transmitting a request to monitor encrypted communications between network 
elements, transmitting the network monitoring digital contract (i.e., authenticating the 
user to access and use the appropriate public key to decrypt the encrypted message by 
issuing and transmitting a digital certificate)(Col. 4, lines 35-67); and 
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receiving decrypting information (i.e., digital certificate including public key, 210), 
including decrypting keys from the policy administrator (i.e., certification authority) for 
decrypting encrypted communications between a first network element and a second 
network element per the terms in the network monitoring digital contract (i.e., digital 
certificate contains information a user's privileges such as encrypting decrypted 
messages)(Col. 9, lines 22-58). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Andrews to include computer-implemented techniques (i.e., network policies) based 
on digital certificates and the capability to monitor encrypted communications with the 
motivation to efficiently allow multiple users to share a public key management 
infrastructure, while simultaneously managing the risk associated with such sharing 
(Andrews, Col. 3, lines 12-20). 

Regarding claim 21 , McArdle does not expressly disclose wherein said 
instructions for receiving decrypting information from the policy administrator for 
decrypting encrypted communications between a first network element and a second 
network element per the terms in the network monitoring digital contract include further 
instructions to receive from the policy administrator decrypted communications after the 
policy administrator decrypts the encrypted communications between the network 
elements. 
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However, Andrews discloses wherein said instructions for receiving decrypting 
information (i.e., digital certificate including public key, 210) from the policy administrator 
(i.e., certification authority) for decrypting encrypted communications between a first 
network element and a second network element per the terms in the network monitoring 
digital contract include further instructions to receive from the policy administrator 
decrypted communications after the policy administrator decrypts the encrypted 
communications between the network elements (i.e., digital certificate contains 
information a user's privileges such as encrypting decrypted messages)(Col. 9, lines 22- 
58). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle with the teachings 
of Andrews to include computer-implemented techniques (i.e., network policies) based 
on digital certificates and the capability to monitor encrypted communications with the 
motivation to efficiently allow multiple users to share a public key management 
infrastructure, while simultaneously managing the risk associated with such sharing 
(Andrews, Col. 3, lines 12-20). 

Claim 22 is rejected under 35 U.S.C. 103(a) as being unpatentable over McArdle 
et al., (U.S. Patent No. 6,442,686 and McArdle hereinafter) and Andrews et al., (U.S. 
Patent No. 6,324,645 and Andrews hereinafter), in view of Susakie et al., (U.S. Patent 
No. 6,253,322 and Susakie hereinafter). 
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The teachings of McArdle and Andrews have been discussed previously. 

Regarding claim 22, McArdle or Andrews does not expressly disclose 
communication of digital certificate between network monitoring element and the policy 
administrator. 

However, Susaki discloses wherein establishing a network monitoring digital 
contract with a policy administrator (i.e., service receiver unit) comprises a network 
monitoring element (i.e., certificate authority 170): 

to transmit its digital certificate to the policy administrator (i.e., service receiving 
unit), to transmit its digital signature to the policy administrator (i.e., service receiving 
unit)(Col. 5, lines 55-67); and 

to receive a copy of the network monitoring digital contract (i.e., digital certificate) 
from the policy administrator (i.e., certificate authority 170)(Col. 12, lines 24-67 and Col. 
13, lines 1-20). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of McArdle and Andrews with 
the teachings of Susaki to include transmitting and receiving digital certificates between 
network monitoring element and the policy administrator with the motivation to achieve 
implementing certification and authentication services (Susaki, Col. 2, lines 44-67). 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Chandersekaran et al., (U.S. Patent No. 6,058,188), 
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Gressel et al., (U.S. Patent No. 5,852,665), 
Ganesan et al., (U.S. Patent No. 5,535,276), 
Romeny et al., (U.S. Patent No. 6,085,322), and 
Nemovicher, (U.S. Publication No. 2002/0007453). 



Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Arezoo Sherkat whose telephone number is (571) 272- 
3796. The examiner can normally be reached on 8:00-4:30 Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571 ) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




Arezoo Sherkat 
Patent Examiner 
Art Unit 2131 
Nov. 26, 2004 




